Overview
AlphaSOC ingests and analyzes telemetry from a diverse array of sources, empowering security teams across varied enterprise environments. The table below lists the officially supported data origins, covering the cloud platforms, SaaS applications, network sensors, and other sources that AlphaSOC integrates with.
| Product | Data Origins |
|---|---|
| 1Password (BETA) | 1password-event-audit, 1password-item-audit, 1password-login-audit |
| AWS - CloudTrail | aws-cloudtrail |
| AWS - Elastic Kubernetes Service (BETA) | kube-audit |
| AWS - Route 53 | aws-route53 |
| AWS - VPC Flow | aws-vpc-flow |
| Atlassian (BETA) | atlassian-audit |
| Carbon Black | carbonblack-netconn |
| Confluence (BETA) | confluence-audit |
| CoreDNS | dnstap |
| Corelight | zeek-conn, zeek-dhcp, zeek-dns, zeek-http, zeek-ssl |
| CrowdStrike | crowdstrike-aid-master, crowdstrike-data |
| GCP - Audit Logs | gcp-audit |
| GCP - Cloud DNS | gcp-dns |
| GCP - Kubernetes Engine | gcp-kube-audit |
| GCP - VPC Flow | gcp-vpc-flow |
| GitHub (BETA) | github-audit |
| Google Security Operations (BETA) | google-secops-udm |
| Google Workspace | google-workspace |
| JAMF (BETA) | jamf-audit, jamf-compliance-reporter |
| Jira (BETA) | jira-audit |
| Kubernetes | kube-audit |
| LimaCharlie | limacharlie |
| Microsoft 365 (PLANNING) | microsoft-365-audit |
| Microsoft Azure - Activity | azure-activity-audit |
| Microsoft Azure - NSG Flow Logs (DEPRECATED) | azure-nsg-flow |
| Microsoft Azure - VNet Flow | azure-vnet-flow |
| Microsoft Azure Kubernetes Service (PLANNING) | |
| Microsoft Entra ID (BETA) | microsoft-entra-audit |
| Okta (BETA) | okta-audit |
| Palo Alto Networks | pan |
| SentinelOne | sentinelone-deep-visibility |
| Slack | slack-audit |
| Snowflake (PLANNING) | |
| Systemd Journal | journald |
| Zeek | zeek-conn, zeek-dhcp, zeek-dns, zeek-http, zeek-ssl |
| Other | azure-device-network, ocsf |
Custom Logs
Beyond the listed sources, AlphaSOC can ingest telemetry in any custom log format, ensuring flexibility for diverse data environments. Additionally, it supports Sigma, an open-source standard for crafting detection rules, empowering you to create custom detections that enhance your security capabilities across virtually any structured log data. After configuring your preferred transport method, you can write these custom Sigma rules to strengthen your security monitoring.
Need AlphaSOC to work with a unique log format? Contact support@alphasoc.com, and our team will collaborate with you to build a custom parser tailored to your needs.